First published: Tue Oct 31 2023(Updated: )
Stored Cross Site Scripting (XSS) vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
=1.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-46378 is medium with a CVSS score of 5.4.
The vulnerability allows attackers to run arbitrary code by appending a crafted string to the /mc-admin/conf.php file.
The version 1.11 of MiniCMS is affected by CVE-2023-46378.
There is no official fix available for CVE-2023-46378 at the moment.
More information about CVE-2023-46378 can be found at the following link: [https://github.com/Num-Nine/CVE/wiki/Minicms1.1.1-Exists-storage-xss](https://github.com/Num-Nine/CVE/wiki/Minicms1.1.1-Exists-storage-xss)